prepare("SELECT * FROM users WHERE email = ?");
$stmt->bind_param("s", $email);
$stmt->execute();
$result = $stmt->get_result();
$user = $result->fetch_assoc();
// Check if user exists and password is correct
if ($user && password_verify($password, $user['password'])) {
// Store user data in session
$_SESSION['user_email'] = $user['email'];
$_SESSION['role'] = $user['role'];
$_SESSION['user_id'] = $user['id'];
// Redirect to user dashboard or admin dashboard based on role
if ($user['role'] === 'admin') {
header("Location: admin_dashboard.php");
} else {
header("Location: dashboard.php");
}
exit;
} else {
$error_message = "Invalid email or password.";
}
}
?>
Login